package com.haredot.security;

import com.haredot.vo.R;
import org.springframework.http.MediaType;
import org.springframework.http.converter.json.MappingJackson2HttpMessageConverter;
import org.springframework.http.server.ServletServerHttpResponse;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.web.access.AccessDeniedHandler;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;

public class JsonAccessDeniedHandler implements AccessDeniedHandler {

    @Override
    public void handle(HttpServletRequest request, HttpServletResponse response, AccessDeniedException accessDeniedException) throws IOException, ServletException {
        // 使用 R ，并设置 未认证
        R<?> ret = R.fail(R.StatusCode.FORBIDDEN).build();

        new MappingJackson2HttpMessageConverter().write(ret, MediaType.APPLICATION_JSON, new ServletServerHttpResponse(response));
    }
}
